Aug 21 2020 07:53 AM
Greetings,
I'm looking for best practices in implementing Permissions in SharePoint that allows us to ensure we have protocols in place to secure PII and other confidential information.
Aug 21 2020 12:26 PM
Hi, I would suggest beginning with DLP policies in the Security and Compliance Center at https://protection.office,com
You can configure based on built in sensitive information types including PII. I'd recommend starting with a small pilot groups of users and also set some policies in test mode with notifications to get going.
Aug 21 2020 02:52 PM
Aug 21 2020 11:41 PM
Yes, absolutely agree on Sensitivity Labels. I always begin with DLP, then look at Sensitivity labels next.
@voneil - if you want to look into Sensitivity Labels in addition to DLP, you will need to ensure that you have additional licensing for it. You will need either AIP P1, EM+S E3, or M365 E3 to implement Sensitivity labelling, or if you wanted the more advanced features - which include auto labelling, and the availability of the AIP scanner to protect on-premises content, then you will need EM+S E5 or M365 E5. There was previously a separate AIP P2 subscription for this, but Microsoft have recently discontinued this one.